The tacker.keymgr.barbican_key_manager Module

Key manager implementation for Barbican

class tacker.keymgr.barbican_key_manager.BarbicanKeyManager(auth_url)

Bases: tacker.keymgr.key_manager.KeyManager

Key Manager Interface that wraps the Barbican client API.

delete(context, managed_object_id)

Deletes the specified managed object.

Parameters:
  • context – contains information of the user and the environment for the request
  • managed_object_id – the UUID of the object to delete
Raises:
get(context, managed_object_id, metadata_only=False)

Retrieves the specified managed object.

Parameters:
  • context – contains information of the user and the environment for the request
  • managed_object_id – the UUID of the object to retrieve
  • metadata_only – whether secret data should be included
Returns:

ManagedObject representation of the managed object

Raises:
store(context, secret, expiration=None)

Stores a secret with the key manager.

Parameters:
  • context – contains information of the user and the environment for the request
  • secret – a secret object with unencrypted payload. Known as “secret” to the barbicanclient api
  • expiration – the expiration time of the secret in ISO 8601 format
Returns:

the UUID of the stored object

Raises:

KeyManagerError – if object store fails